<?php /*
Copyright 2002 Dan Boitnott (dboitnot@yahoo.com)

This file is part of phpTasks.

phpTasks is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.

phpTasks is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with phpTasks; if not, write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
*/ ?>
<?php
// Global Inits
require("global.php");

$CONFIG = array("db_name" => "tasks", "db_user" => "taskweb", "db_pass" => "taskweb", "sys_name" => "Task Master", "auth_method" => "http");
$CONFIG = parse_config_file("/etc/taskweb.conf", $CONFIG);

$conn = pg_connect("dbname=" . $CONFIG["db_name"] . " user=" . $CONFIG["db_user"] . " password=" . $CONFIG["db_pass"]);

// Security Concerns
session_register("sys_authd");
if (!isset($sys_authd))
	$sys_authd = false;

session_register("sys_authd_userid");
if (!isset($sys_authd_userid))
	$sys_authd_userid = 0;

switch ($CONFIG["auth_method"]) {
case "html":
	if (!$sys_authd) {
		if (is_array($HTTP_POST_VARS)) {
			foreach ($HTTP_POST_VARS as $k => $v) {
				if (($k != "login_username") && ($k != "login_password"))
					$login_hiddens[$k] = $v;
			}
   		}
		if (isset($HTTP_VARS["login_username"]) && isset($HTTP_VARS["login_password"])) {
			if ($login_r = fetchrow($conn, "users", "apachename='" . $HTTP_VARS["login_username"] . "' AND password='" . $HTTP_VARS["login_password"] . "'")) {
				$sys_authd = true;
				$sys_authd_userid = $login_r["userid"];
			} else {
				echo ($login_sql);
				html_login($REQUEST_URI, $login_hiddens, true);
				exit;
    			}
		} else {
			html_login($REQUEST_URI, $login_hiddens);
			exit;
   		}
	} else {
		$login_r = fetchrow($conn, "users", "userid=" . $sys_authd_userid);
  	}
	break;
default:
	if ($login_r = fetchrow($conn, "users", "apachename='" . $REMOTE_USER . "'")) {
		$sys_authd = true;
		$sys_authd_userid = $login_r["userid"];
	} else {
		$sys_authd = false;
		echo ("You are not a registered user of the Tasks sub-system!");
		exit;
	}
}

if ($sys_authd && $login_r["may_logon"]) {
	$USER["userid"] = $login_r["userid"];
	$USER["name"] = $login_r["name"];
	$USER["modifyusers"] = $login_r["may_modifyusers"];
	$USER["modifytasks"] = $login_r["may_modifytasks"];
	$USER["viewalltasks"] = $login_r["may_viewalltasks"];
} else {
	$sys_authd = false;
	echo ("You are not authorized to access this system!");
	exit;
}

// Session Variable Initalization...
// Task List Variables
session_register("tl_userid");
if (isset($HTTP_VARS["tl_userid"]))
	$tl_userid = $HTTP_VARS["tl_userid"];
elseif (!isset($tl_userid))
	$tl_userid = $USER["userid"];

session_register("tl_view");
if (isset($HTTP_VARS["tl_view"])) {
	if ($HTTP_VARS["tl_view"] != $tl_view) {
		$tl_view = $HTTP_VARS["tl_view"];
		if ($tl_view == "open")
			$tl_orderby = "priority";
		else
			$tl_orderby = "i_completed";
  	}
} elseif (!isset($tl_view))
	$tl_view = "open";

session_register("tl_orderby");
if (isset($HTTP_VARS["tl_orderby"])) {
	$tl_orderby = $HTTP_VARS["tl_orderby"];
} elseif (!isset($tl_orderby))
	$tl_orderby = ($tl_view == "open" ? "priority" : "completed_on");

function std_header($title) {
?>
	<html>
	<head>
	<link href='global.css' rel='STYLESHEET' type='text/css'>
	<title><?=$title?></title>
	</head>
	<body>
<?php
}

function std_footer() {
?>
	</body>
	</html>
<?php
}

function priority_color_old($p) {
	switch ($p) {
	case 1:
		$ret = "#ff7070";
		break;
  	case 2:
		$ret = "#ffc0c0";
		break;
  	case 3:
		$ret = "#ffffc0";
		break;
  	case 4:
		$ret = "#70ff70";
		break;
  	case 5:
		$ret = "#c0ffco";
  		break;
    	default:
		$ret = "#c0c0c0";
  	}
	return $ret;
}

function priority_color($p) {
        return priority_color_new($p, 1, 10);
}

function priority_color_new($p, $min, $max) {
	$gl = hexdec("a0");
        $ml = hexdec("ff");
	$c_min = array($ml, $gl, $gl);
        $c_mid = array($ml, $ml, $gl);
	$c_max = array($gl, $ml, $gl);

	$c_p = "";
	for ($x = 0; $x < 3; $x++) {
		$c_a = dechex(floor(dither($p, $min, $max, $c_min[$x], $c_max[$x], $c_mid[$x])));
		if (strlen($c_a) < 2)
			$c_a = "0" . $c_a;
		$c_p .= $c_a;
	}

	$ret = "#" . $c_p;

	return $ret;
}

function dither($p, $min, $max, $c_min, $c_max, $c_mid = "undefined") {
        if ($c_mid <> "undefined") {
                if ($p < ($min + (($max - $min) / 2))) {
                        $c_max = $c_mid;
                        $max = $max - (($max - $min) / 2);
                } else {
                        $c_min = $c_mid;
                        $min = $min + (($max - $min) / 2);
                }
        }
        if (($max - $min) > 0)
	        return $c_min + (($p - $min) * (($c_max - $c_min) / ($max - $min)));
        else
                return $c_max;
}

function sort_by_selector($prefix, $value, $method = "ASC") {
?>
	<select name='<?=$prefix?>_field'>
		<option <?=($value == "created") ? "selected" : "" ?> value='created'>Assignment Date</option>
		<option <?=($value == "completed") ? "selected" : "" ?> value='completed'>Completion Date</option>
		<option <?=($value == "priority") ? "selected" : "" ?> value='priority'>Priority</option>
		<option <?=($value == "taskid") ? "selected" : "" ?> value='taskid'>Task ID</option>
		<option <?=($value == "title") ? "selected" : "" ?> value='title'>Title</option>
	</select>
	<select name='<?=$prefix?>_method'>
		<option <?=($method == "ASC") ? "selected" : "" ?> value='ASC'>Ascending</option>
		<option <?+($method == "DESC") ? "selected" : "" ?> value='DESC'>Descending</option>
	</select>
<?php
}

function html_login($redir, $hiddens = false, $badtry = false) {
	std_header("Login");
	echo ("<form action='" . $redir . "' method='POST'>");
	if ($hiddens) {
		foreach ($hiddens as $k => $v)
			echo ("<input type=hidden name='$k' value='$v'>");
   	}
?>
	<table border='0'>
	<tr>
		<td colspan=2 align='left'><big><strong>Login:</strong></big></td>
  	</tr>
	<?php if ($badtry) { ?>
		<tr>
			<td colspan=2 align='left'><strong>Bad username or password</strong></td>
   		</tr>
     	<?php } ?>
	<tr>
		<td align='right'><small><strong>Username:</strong></small></td>
		<td align='left'><input type=text name='login_username'></td>
  	</tr><tr>
		<td align='right'><small><strong>Password:</strong></small></td>
		<td align='left'><input type=password name='login_password'></td>
  	</tr><tr>
		<td></td>
		<td align='left'><button type=submit>Ok</td>
  	</tr>
	</table>
	</form>
<?php
	std_footer();
}

function taskastext($conn, $taskid) {
	$sql = "SELECT * FROM task_list WHERE taskid=" . $taskid;
	$res = pg_exec($conn, $sql);
	if($r = get_row($res, 0)) {
		$ret = "Task #" . $r["taskid"] . ": " . $r["title"] . "\n";
		if ($r["completed"])
			$ret .= "Status: Completed " . $r["completed"] . "\n";
		else
			$ret .= "Open\n";
   		$ret .= "Assigned By: " . $r["assigned_by"] . "\n";
		$ret .= "Assigned To: " . $r["assigned_to_name"] . "\n";
		$ret .= "Description:\n";
		$ret .= $r["description"] . "\n\n";
		$ret .= "Log:\n";
		$sql = "SELECT * FROM tasklog_list WHERE taskid=" . $taskid . " ORDER BY created";
		$res = pg_exec($conn, $sql);
		$rc = pg_numrows($res);
		if ($rc > 0) {
			for ($rnum = 0; $rnum < $rc; $rnum++) {
				$l = get_row($res, $rnum, "daydatetime");
				$ret .= $l["user"] . " - " . $l["created"] . "\n";
				$ret .= $l["entry"] . "\n";
			}
		} else
			$ret .= "No Entries";
	} else
		$ret = false;
  	return $ret;
}
?>